Recent Posts

HOW TOHACK Android Device with TermuX on Android | Part #1 - Over the Internet

You can call it as: "Android to Android Hacking". This method works 100%, so follow my tutorial carefully, it is really very easy to follow (but a bit Complicated). If you got any errors or you think I`ve missed something, then inform me in Comments section. I`ll try best to solve the problem.DISCLAIMER: This Thread is O.N.L.Y for Education Purposes. I will not be Responsible of Any Negative and Illegal use of this information. Try not to HACK the Androids, other than your`s. Or you will be in PRISON. Only Use this information for testing purposes or impressing your friends.

So, lets get started...

Requirements

1). Android 5.0 (Or later. Tutorial for for older versions will be published soon...)

Many People use NGROK for Port Forwarding. But in NGROK, you can see that it will generate a new Domain or Port when you Re-connect to it. Reserved Domain and Port is Unfortunately only available for PAID or their Premium Costumers. That is why, for NGROK you have to generate a new APK file every time you start hacking.BUT HERE... we are gonna use Serveo. In Serveo, you can manually forward your desired port on Internet (and can forward it again in future). To use Serveo Port Forwarding, you have to install OpenSSH package for TermuX. For this, enter this command in TermuX:

It may ask you about default ssh or something like this. Just type "yes" when it ask about it.Here, you have to keep some points in mind; IF you want to forward an HTTP Port, then select different ports in both "Desired_Port" fields. But here we gonna forward a TCP port. To forward TCP port, you have to enter same, desired ports in "Desired_Ports" field. Also, do not change "localhost". Here we are going to Forward a TCP port: 4564 (just for an example). After forwarding port, it may look like this:

(Optional) Name this session: Port Forwarding

Creating APK File with Embedded Payload

To create APK File with Embedded Payload, enter this command in NEW SESSION:

Alright... Now the APK file with Embedded payload is successfully generated here: Phone/SD-Card Storage -> downloads -> Updater.apk(OPTIONAL) You can use APK Editor Pro , to change the name (Default: MainActivity), and Version of the generated APK file.

Activate Metasploit Framework in TermuX by entering this command in new session:

msfconsole

— Metasploit Framework Console

Note(1):- If you have not installed Metasploit-Framework in your TermuX app yet, then follow This Tutorial: Install Metasploit Framework in your Termux

Note(2):- If you are getting this error: Failed to connect to the database , as shown in the below screenshot, enter the following commands in NEW SESSION (Unfortunately You may have to enter these commands every time you open TermuX (in a separate session) . But fortunately entering no such (following) commands, will not affect your Hacking! That`s why, I`m ignoring this error :) :

Now, Send the Payload-Signed.apk file into your victim`s android device (e.g. via Bluetooth is Recommended) -> Install it -> then open it (Make sure that the victim`s device has an active internet connection).After opening APK file in victim`s phone, you will see that Meterpreter Session in your Metasploit field will be activated. To open the Meterpreter session of your victim`s device, click "Return Button" and enter this Command in Metasploit session:

sessions -i (Session ID)

— (Session ID) = 1 , 2 , 3 , 4 or 5 ...

In (Session ID) , select the session number of Meterpreter (i.e. You will see this message when your victim opens the APK file: Meterpreter Session Opened 1 , here , 1 is the session id of Meterpreter Session).If you see the following window, then
Pic 12
BINGO.......!!!!!!!! You have successfully hacked your Victim`s Android Device

!!!...Need Some Help While Hacking...???

You can enter: {meterpreter> help} command, for all the available commands, here, I`ve simplified some commands for you.

Taking Stealth Snapshot from Front Camera

Just enter this command for this:

webcam_snap -i 2 -p storage/downloads/X-Stealth-Snapshot-F.jpg

Here, in this command, 2 is representing the front camera. For Back camera, we will use 1.

This might happen, if you do anything wrong in installing TermuX on android. If you see error like GEMS not found, or any this kind of error, simply Delete TermuX with its data, and reinstall it.

msfvenom/msfconsole : command not found!

There are two possible reasons for that error.

1). Metasploit is not properly installed on TermuX. That`s why, it was unable to create Command Shortcut. To fix this, uninstall the TermuX, with Data. Then reinstall TermuX and repeat all the Method again. This is actually a script error. I also faced this problem on first time installing Metasploit in TermuX!

2). Metasploit is successfully installed, but was unable to create the shortcut. To manage this, just enter:

Manual Way

Just open a New Session and go to metasploit-framework directory, and enter ./msfconsole command, Like This (same for msfvenom):

As I told before, NGROK does not provede a fixed Domain and Port. So, you have to generate a new APK file, when you plan to hack a phone, you hacked before. See what serveo says about NGROK:

Why we are using MiXplorer for Signing the APK File ...?

Actually, there is no Other way to sign the APK file on Android. Otherwise, You have to sign the APP file in Your PC (Specially in Kali LinuX). MiXplorer is the Excellent way to sign the APK file, directly in Android.

Metasploit Error: Failed to connect to the Database

Pic 13

Don`t worry about it. We have already made a solution for this :) . I think you have noticed earlier , that I was using "localhost" , instead of 127.0.0.1 or :::0:1 , as HOST. Actually, the "localhost" command automatically connects you to the available Local Host, no matter if it is 127.0.0.1 or :::0.1 or else.

But if you still want to fix it, enter the following commands in New Session of TermuX carefully:

1). Google NeXuS phones/Tablets are Excellent for Hack1nG Purposes. As, they completely supports Kali NetHunter. NetHunter includes all the tools for hacking, and it works as an Android/Windows on a Tablet.

2). But if we talk about Android, Many H4ck3Rs say that Samsung Galaxy S5 is Excellent for Ha4ck1nG Purposes. It has a good Android Version (around 5.0), also Fully supports the TermuX Application.

Note:-

This information is for Educational Purposes Only. I`ll not be responsible of any Negative or Illegal use of this information. Also if you face any type of errors, or you think that I`ve missed something, then tell me in Comments Section. I`ll find the Suitable Solution for that. Anyways, Just use these tricks for FUN... Not for doing Illegal work. We are all Ethical , and never invade people Privacies.

HOW TOHACK Android Device with TermuX on Android | Part #1 - Over the Internet
Reviewed by Shirley Bloggastron
on
11:00 AM
Rating: 5